Details
-
Patch
-
Resolution: Done
-
Major
-
None
-
JBossAS-4.0.4.GA
-
None
Description
Currently the ssl socket factories don't have any notion of picking up settings like the enabled cipher suites from system properties or the security domain in the case of the org.jboss.security.ssl.DomainSocketFactory. We should be able to set any JSSE SSLSocketFactory setting from these external values by injecting a fully configured socket factory:
<mbean code="org.jboss.mq.il.uil2.UILServerILService"
name="jboss.mq:service=InvocationLayer,type=SSLUIL2">
...
<attribute name="ServerSocketFactoryBean">
attributeClass="org.jboss.security.ssl.DomainServerSocketFactory"
serialDataType="javaBean">
<property name="bindAddress">${jboss.bind.address}</property>
<property name="securityDomain">java:/jaas/rmi-ssl</property>
<property name="wantsClientAuth">true</property>
<property name="needsClientAuth">true</property>
<property name="CiperSuites">TLS_DHE_DSS_WITH_AES_128_CBC_SHA</property>
<property name="Protocols">SSLv2Hello,SSLv3,TLSv1</property>
</attribute>
</mbean>
Attachments
Issue Links
- is incorporated by
-
JBPAPP-1279 JBAS-3755 : Expose all SSL socket factory settings via properties or attributes for UIL2
- Resolved